The Convergence of eDiscovery, Internal Investigations and Compliance

The buzz at the 2009 ACC Annual Convention in Boston was that inside counsel are focused on internal investigations, eDiscovery and compliance because of the global convergence of these practice areas.

Typically, internal investigations include human resource, fraud and intellectual property theft matters. eDiscovery can include both civil and criminal as well as regulatory inquiries. Compliance covers data audit (personal identifiable information, record management enforcement, etc.), data security, Sarbanes-Oxley (SOX) and HIPAA investigations, to name a few.

Traditionally each of these practice areas have been a separate corporate function and rarely have been brought under one roof from a technology or departmental resource standpoint. Recently there has been a clear shift to consolidate these for efficiency and other internal reasons.

The tie that binds these practice areas: They all have legal repercussions and they all require similar investigation processes and techniques with similar consequences if not performed correctly. The risks are similar too--failure to find all relevant evidence, failure to properly preserve and authentic relevant electronically stored information (ESI), and evidence spoliation.

For cost, efficiency, consistency and risk mitigation, it makes sense to have a standardized, repeatable and defensible process for all types of corporate investigations. More companies today are creating a single team and using a single enterprise class technology to perform these types of investigations.

The investigative technique that all of them have in common is the need to quickly search, identify, preserve, collect and process the evidence for attorney or law enforcement or regulatory compliance review. To be sure, getting to the evidence early is critical to the success or failure of an investigation.

Judges are also behind this trend, advocating that companies bring eDiscovery in- house. For example in March's Phillip M. Adams & Assocs., L.L.C. v. Dell, Inc., the court scolded the producing party, Phillip Adams, for not having appropriate technology to reasonably access potentially relevant ESI. The court found it unacceptable for a party to hide behind inadequate information management systems as the reason why it could not produce relevant documents.

In July, the court in Spieker v. Quest Cherokee admonished defendant for claiming it did not have the ability to generate the requested ESI materials in-house. "This court is aware of no case where a party has been excused from producing discovery because its employees 'have not previously been asked to search for and/or produce discovery materials,'" the opinion said.

The need to become "investigation ready" is driving companies to assess, analyze and plan, and unify their investigation response practice. An effective response plan requires an organization to proactively anticipate the type of investigations that could be initiated and develop an offensive response strategy.

Technology is the lynchpin to the overall implementation of any response plan. When looking for enterprise technology to handle multiple types of digital investigations, look for technology that can search for evidence over the network from a central location, collect the evidence in a forensically sound manner and properly preserve all metadata. Additionally, having technology that can also do a network-based forensic examination is important for IP theft, SOX investigations and HR cases.

Ultimately, the goal is to establish a legally defensible response plan that builds upon prior experience, provides a common language and establishes an effective evidence lifecycle management framework to minimize risk and increase the effectiveness of an investigation. It is a critical piece of overall corporate policy. Combining these investigation areas will provide an organized business workflow that efficiently combines people, processes and technology.